Re: GSS-API channel bindings
Nicolas Williams <Nicolas.Williams@sun.com> Thu, 15 July 2004 18:31 UTC
Received: from above.proper.com (localhost.vpnc.org [127.0.0.1]) by above.proper.com (8.12.11/8.12.9) with ESMTP id i6FIVYFN089623; Thu, 15 Jul 2004 11:31:34 -0700 (PDT) (envelope-from owner-ietf-sasl@mail.imc.org)
Received: (from majordom@localhost) by above.proper.com (8.12.11/8.12.9/Submit) id i6FIVYRr089622; Thu, 15 Jul 2004 11:31:34 -0700 (PDT)
X-Authentication-Warning: above.proper.com: majordom set sender to owner-ietf-sasl@mail.imc.org using -f
Received: from nwkea-mail-1.sun.com (nwkea-mail-1.sun.com [192.18.42.13]) by above.proper.com (8.12.11/8.12.9) with ESMTP id i6FIVVfF089598 for <ietf-sasl@imc.org>; Thu, 15 Jul 2004 11:31:31 -0700 (PDT) (envelope-from nw141292@binky.central.sun.com)
Received: from centralmail1brm.Central.Sun.COM ([129.147.62.1]) by nwkea-mail-1.sun.com (8.12.10/8.12.9) with ESMTP id i6FIVHJ6002650; Thu, 15 Jul 2004 11:31:17 -0700 (PDT)
Received: from binky.central.sun.com (binky.Central.Sun.COM [129.153.128.104]) by centralmail1brm.Central.Sun.COM (8.12.10+Sun/8.12.10/ENSMAIL,v2.2) with ESMTP id i6FIV18X024824; Thu, 15 Jul 2004 12:31:01 -0600 (MDT)
Received: from binky.central.sun.com (localhost [127.0.0.1]) by binky.central.sun.com (8.12.11+Sun/8.12.11) with ESMTP id i6FIS7ZJ646312; Thu, 15 Jul 2004 13:28:22 -0500 (CDT)
Received: (from nw141292@localhost) by binky.central.sun.com (8.12.11+Sun/8.12.11/Submit) id i6FIS7qs646311; Thu, 15 Jul 2004 13:28:07 -0500 (CDT)
Date: Thu, 15 Jul 2004 13:28:07 -0500
From: Nicolas Williams <Nicolas.Williams@sun.com>
To: Simon Josefsson <jas@extundo.com>
Cc: ietf-sasl@imc.org
Subject: Re: GSS-API channel bindings
Message-ID: <20040715182807.GZ632478@binky.central.sun.com>
Mail-Followup-To: Simon Josefsson <jas@extundo.com>, ietf-sasl@imc.org
References: <40DC9563.4070006@isode.com> <40E1381F.4020409@isode.com> <ilufz86j3iq.fsf_-_@latte.josefsson.org>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <ilufz86j3iq.fsf_-_@latte.josefsson.org>
User-Agent: Mutt/1.4.1i
Sender: owner-ietf-sasl@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-sasl/mail-archive/>
List-ID: <ietf-sasl.imc.org>
List-Unsubscribe: <mailto:ietf-sasl-request@imc.org?body=unsubscribe>
On Mon, Jul 05, 2004 at 09:51:09AM +0200, Simon Josefsson wrote: > > There is a requirement that the GSS-API channel bindings are NULL. > I'd feel more comfortable if there was a way to somehow make use of > channel bindings, to link the authentication to the specific channel. > Does anyone have ideas on whether to add this, and if the answer is > positive, how it might be done? 1. Existing GSS-API mechanisms fail to correctly deal with channel bindings. E.g., SPKM is way underspaecified in general, and here specifically; also, the Kerberos V mechanism does not have a way for the acceptor to prove to the initiator that it too has the same channel bindings as the initiator. 2. We're trying to address this through a stackable pseudo-mechanism (CCM-BIND) one of whose purposes is to address this problem. See: draft-ietf-nfsv4-ccm-03.txt 3. The whole subject of channel bindings needs further specification. I'm about to submit a new version of draft-ietf-nfsv4-channel-bindings (-01.txt) that does this and which describes what goes into the channel bindings for SSHv2, TLS and IPsec channels, and then I'll submit draft-williams-gssapi-channel-bindings-00.txt for the KITTEN BoF (and, hopefully, WG), which fills in the details of how to use channel bindings to SSHv2, TLS and IPsec channels with the GSS-API. The deadline for filing new I-Ds has passed though, so this won't get posted to the I-D repository until after this meeting. 4. Given CCM-BIND and the two other drafts it should be possible to use SASL with GSS-API channel bindings; SASL APIs will have to be modified so the application can provide the necessary channel information. 5. I have proposed a set of interfaces for determining the features of GSS mechs, as part of a framework for stackable pseudo-mechanisms, which should help GSS apps avoid having to hardcode mechanism OIDs and information about them (e.g., "channel bindings work well with this mechanism, but not with that one"). See: draft-williams-gssapi-stackable-pseudo-mechs-00.txt As you can see, there's a lot of activity around this topic. > I understand that the simplest "solution", from the SASL mechanism > point of view, might simply be to consider GSS-API mechanisms, that > doesn't link gss_wrap/gss_get_mic tokens with one specific > authentication, as broken. However, channel bindings are provided by > GSS-API to enable applications to close this hole, hence these GSS-API > mechanisms can probably not be viewed as broken in general. So it is > unfortunate that the SASL wrapping of GSS-API forbid channel bindings. > I'd say this warrant a paragraph in the security section, unless the > text about channel bindings is loosened up. The SASL handling of GSS-API mechanisms does need some tweaking, both, in light of the above and to provide for re-keying (GSS-API contexts can expire, after all) by reestablishing GSS security contexts for the principals involved. Cheers, Nico --
- New revision of draft-ietf-sasl-gssapi Alexey Melnikov
- GSS-API channel bindings Simon Josefsson
- Re: GSS-API channel bindings Nicolas Williams
- Re: GSS-API channel bindings Simon Josefsson
- Re: GSS-API channel bindings Nicolas Williams
- Re: GSS-API channel bindings Alexey Melnikov
- Re: GSS-API channel bindings Nicolas Williams